Minor doc/javadoc updates to clarify use of UserDetailsContextapper.

16 years ago · 657a69b906
2 changed files with 13 additions and 10 deletions
--- a/docs/manual/src/docbook/ldap-auth-provider.xml
+++ b/docs/manual/src/docbook/ldap-auth-provider.xml
@ -364,16 +364,18 @@ public interface UserDetailsContextMapper {
				@@ -364,16 +364,18 @@ public interface UserDetailsContextMapper {

  void mapUserToContext(UserDetails user, DirContextAdapter ctx);
 }]]>
-                </programlisting> Only the first method is relevant for
-                authentication. If you provide an implementation of this interface, you can control
-                exactly how the UserDetails object is created. The first parameter is an instance of
-                Spring LDAP's <interfacename>DirContextOperations</interfacename> which gives you
-                access to the LDAP attributes which were loaded. The <literal>username</literal>
-                parameter is the name used to authenticate and the final parameter is the collection
-                of authorities loaded for the user. </para>
+                </programlisting> Only the first method is relevant for authentication. If you
+                provide an implementation of this interface and inject it into the
+                <classname>LdapAuthenticationProvider</classname>, you have control over exactly how
+                the UserDetails object is created. The first parameter is an instance of Spring
+                LDAP's <interfacename>DirContextOperations</interfacename> which gives you access to
+                the LDAP attributes which were loaded during authentication. The
+                <literal>username</literal> parameter is the name used to authenticate and the final
+                parameter is the collection of authorities loaded for the user by the configured
+                <interfacename>LdapAuthoritiesPopulator</interfacename>. </para>
            <para> The way the context data is loaded varies slightly depending on the type of
-                authentication you are using. With the <classname>BindAuthenticator</classname>,
-                the context returned from the bind operation will be used to read the attributes,
+                authentication you are using. With the <classname>BindAuthenticator</classname>, the
+                context returned from the bind operation will be used to read the attributes,
                otherwise the data will be read using the standard context obtained from the
                configured <interfacename>ContextSource</interfacename> (when a search is configured
                to locate the user, this will be the data returned by the search object). </para>
--- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java
@ -23,7 +23,8 @@ import org.springframework.ldap.core.DirContextAdapter;
				@@ -23,7 +23,8 @@ import org.springframework.ldap.core.DirContextAdapter;

 /**
 * Operations to map a UserDetails object to and from a Spring LDAP <tt>DirContextOperations</tt> implementation.
- * Used by LdapUserDetailsManager when loading and saving/creating user information.
+ * Used by {@code LdapUserDetailsManager} when loading and saving/creating user information, and also by the
+ * {@code LdapAuthenticationProvider} to allow customization of the user data loaded during authentication.
 *
 * @author Luke Taylor
 * @since 2.0